Description
A weakness has been identified in FNKvision Y215 CCTV Camera 10.194.120.40. This vulnerability affects unknown code of the file s1_rf_test_config of the component Telnet Sevice. Executing manipulation can lead to backdoor. The physical device can be targeted for the attack. This attack is characterized by high complexity. It is stated that the exploitability is difficult. The exploit has been made available to the public and could be exploited. The vendor was contacted early about this disclosure but did not respond in any way.
References (5)
Core 5
Core References
Permissions Required, VDB Entry vdb-entry
https://vuldb.com/?id.321215
Permissions Required, VDB Entry signature
permissions-required
https://vuldb.com/?ctiid.321215
Permissions Required, VDB Entry third-party-advisory
https://vuldb.com/?submit.629812
Various Sources related
https://vorachat.somsuay.com/blog/Hacking%20CCTV%20FNKvision%20-%20Y215
Scores
CVSS v3
6.4
EPSS
0.0017
EPSS Percentile
6.5%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-912
Status
published
Products (1)
FNKvision/Y215 CCTV Camera
10.194.120.40
Published
Aug 24, 2025
Tracked Since
Feb 18, 2026